145 matches found
RT-Thread 安全漏洞
RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from dfsv2 dfsfile failing to properly validate the length size of input data, which can be exploited by a remote attacker to execute...
CVE-2024-25392
An out-of-bounds access occurs in utilities/varexport/varexport.c in RT-Thread through 5.0.2...
CVE-2024-25395
A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2...
CVE-2024-25395
A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2...
CVE-2024-24335
A heap buffer overflow occurs in the dfsv2 romfs filesystem RT-Thread through 5.0.2...
CVE-2024-25390
A heap buffer overflow occurs in finsh/mshfile.c and finsh/msh.c in RT-Thread through 5.0.2...
CVE-2024-25389
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...
CVE-2024-25389
RT-Thread through 5.0.2 generates random numbers with a weak algorithm of "seed = 214013L seed + 2531011L; return seed 16 & 0x7FFF;" in calcrandom in drivers/misc/rtrandom.c...
CVE-2024-25388
drivers/wlan/wlanmgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow...
CVE-2024-25390
CVE-2024-25390 affects RT-Thread up to version 5.0.2, with a heap-based buffer overflow in the finsh/msh_file.c and finsh/msh.c components. The issue is described consistently across multiple sources (NVD, Red Hat, OSV, CNNVD, CVE listings) as a heap overflow in these FinSH-related sources, impac...
CVE-2024-25389
The CVE-2024-25389 entry concerns RT-Thread up to version 5.0.2, where the function calc_random (rt_random.c) uses a weak linear congruential generator seed = 214013L * seed + 2531011L; return (seed >> 16) & 0x7FFF;. This results in predictable random numbers and thus potential exploitation...
RT-Thread 安全漏洞
RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from a heap-based buffer overflow in drivers/wlan/wlanmgmt.c. The vulnerability is caused by the presence of a heap-based buffer...
CVE-2024-25393
A stack buffer overflow occurs in net/at/src/atserver.c in RT-Thread through 5.0.2...
CVE-2024-24335
A heap buffer overflow occurs in the dfsv2 romfs filesystem RT-Thread through 5.0.2...
RT-Thread 安全漏洞
RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which originates from a buffer-based overflow in utilities/rt-link/src/rtlink.c. The vulnerability is caused by the presence of a buffer-based...
RT-Thread 安全漏洞
RT-Thread is an open source IoT real-time operating system RTOS open-sourced by RT-Thread. RT-Thread suffers from a buffer overflow vulnerability that stems from net/at/src/atserver.c failing to properly validate the length size of input data, which can be exploited by remote attackers to execute...
CVE-2024-24334
A heap buffer overflow occurs in dfsv2 dfsfile in RT-Thread through 5.0.2...
RT-Thread 安全漏洞
RT-Thread is an open source IoT real-time operating system RTOS from RT-Thread Open Source. A security vulnerability exists in RT-Thread version 5.0.2, which stems from a stack-based buffer overflow in libc/posix/ipc/mqueue.c. The vulnerability is caused by the presence of a stack-based buffer...
CVE-2024-25388
RT-Thread vulnerability CVE-2024-25388 affects the wlan_mgmt,c driver in RT-Thread up to version 5.0.2. The issue is an integer signedness error that enables a heap/buffer overflow. Affected component: drivers/wlan/wlan_mgmt,c. The impact is a buffer overflow as stated in multiple sources. Remedi...
CVE-2024-25390
A heap buffer overflow occurs in finsh/mshfile.c and finsh/msh.c in RT-Thread through 5.0.2...